Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Best (Industry-Standard) Firewall

Posted on 2003-02-20
Medium Priority
Last Modified: 2007-12-19
I hope this question is not TOO subjective...
I would need a list of the 3 best industry-standard business firewall(appliances or software) that will handle around 500 PC's(in 30 or so subnets) from the inside NAT-ing out.
I don't necessarily need the model numbers, just the manufacturer/model name.
I'm looking at the Cisco PIX 506E and 516E as possible primary candidates, with CheckPoint Solaris/Linux bundle as a secondary. What others should I include.
Question by:tibori
  • 3
LVL 16

Expert Comment

by:Kyle Schroeder
ID: 7989211
You might want to cross-post this (a 0 point question with a link to this one and your description) at the Security topic area:

LVL 79

Expert Comment

ID: 7989712
Cisco PIX 515E w/Unrestricted license, or PIX 525. 506E will NOT support 500 users.


Have heard really good reports about Netscreen

Watchguard firebox is also a good solid performer.

LVL 79

Expert Comment

ID: 7989739
Any software firewall that runs on any Windows platform will never be any more secure than Windows -IMHO

Linux is cheap and relatively painless, but it is not generally accepted as an industry standard business-class solution.

Checkpoint is the only software-based (on Solaris) that I would recommend http://www.checkpoint.com/products/index.html


Author Comment

ID: 8009893
dogztar: Thanks for the tip, but I couldn't do it. Looks like EE has implemented a 20point minimum for any question...
lrmoore: thank you for your suggestions. I will check them out. Just one question, what is the maximum user limit of the 506E. I've looked through the tech specs and didn't see it.
LVL 79

Accepted Solution

lrmoore earned 400 total points
ID: 8011404
There is no maximum user limit on any of the PIX's besides the 501. It is limited only by the processor power and memory, and lack of support for 100Mb connections, failover, or DMZ ports. Our general rule of thumb for sizing a PIX:
501 = 10-50 users (licence restriction)
506e = 10-100 users (performance restricted), 10Mb only
515e = 10-250 users (maybe up to 500 depending on use). Restricted license limits to 3 interfaces, no failover and # of concurrent connections. UNrestricted license supports up to 6 interfaces, plus failover, and has more memory to support more concurrent connections.
525 = 500 or more users or complex DMZ/VPN requirements
535 = Interprise/ISP use or high-speed (multiple Gigabit interfaces) DMZ/VPN requirements

Hope this helps.

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Moving your enterprise fax infrastructure from in-house fax machines and servers to the cloud makes sense — from both an efficiency and productivity standpoint. But does migrating to a cloud fax solution mean you will no longer be able to send or re…
A clone is a duplicate copy. Sheep have been cloned and maybe someday even people will be cloned, but disk cloning (performed by the hard drive cloning software) is a vital tool used to manage and protect data. Let’s look at what hard drive cloning …
Integration Management Part 2
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month11 days, 21 hours left to enroll

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question